At present, when providing a service to a mobile subscriber, a majority of application servers first establish with the mobile subscriber a mutual trust relationship, such as that between the mobile subscriber and an authentication proxy, that between the mobile subscriber and a Public Key Infrastructure (PKI) certificate organization, that between the mobile subscriber and the content providing server, and the like. Generally, such trust relationship is established during the bidirectional authentication procedure between the mobile subscriber and the application server.
In the 3G radio communication standards, Generic Authentication Architecture (GAA) is a general architecture used by various application service entities to verify subscriber identities and can check application service subscribers and verify the subscriber identities. The above application service can be a multicast/broadcast service, a user certificate service, a service for providing instant information, or a proxy service.
FIG. 1 is a schematic diagram illustrating the architecture of the GAA which generally includes a subscriber 101, a Bootstrapping Server Function (BSF) 102 performing initial check and verification of subscriber identities, a Home Subscriber Server (HSS) 103 and a Network Application Function (NAF) 104. BSF 102 serves to perform mutual identity verification with subscriber 101 and generate a shared key for BSF 102 and subscriber 101. HSS 103 stores a Profile for describing subscriber information and has the function of generating authentication information.
When desiring to use a service, the subscriber communicates with the BSF directly for mutual authentication if the service needs a mutual authentication procedure with the BSF. Otherwise, the subscriber first contacts a NAF corresponding to the service, and if the NAF uses the GAA and the subscriber requesting the service has not communicated with the BSF for the mutual authentication procedure, the NAF notifies the subscriber requesting the service to perform the identity verification with the BSF.
Upon successful mutual authentication, the subscriber and the BSF have verified each other's identity and generated a shared key, Ks. Further, the BSF defines a lifetime for the Ks to facilitate its update. The BSF then allocates a Bootstrapping Transaction Identifier (B-TID) for the subscriber and transfers the B-TID together with the lifetime of the Ks to the user equipment (UE), wherein the B-TID is associated with the Ks. The shared key, Ks, which is used as a root key, never leaves the subscriber's UE and the BSF. When the subscriber communicates with the NAF, a key derived from the Ks, Ks_NAF, is used to protect the communication.
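The bootstrapping flow described above, as an added simulation that is not part of the original text: the BSF and UE share the root key Ks, the BSF allocates a B-TID with a lifetime, and each NAF receives only a per-NAF derived key. The Ks generation, the B-TID format and the HMAC-SHA256 derivation of Ks_NAF are assumptions for the example and do not reproduce the 3GPP key derivation function.

```python
import base64
import hashlib
import hmac
import os

KS_LIFETIME = 3600  # seconds; lifetime value chosen for this example


def derive_ks_naf(ks: bytes, naf_id: str) -> bytes:
    # Assumed derivation: binds the NAF key to the NAF identifier, so keys for
    # different NAFs differ and none of them reveals the root key Ks.
    return hmac.new(ks, naf_id.encode(), hashlib.sha256).digest()


class UE:
    def store(self, btid: str, ks: bytes, expiry: int) -> None:
        self.btid, self.ks, self.expiry = btid, ks, expiry

    def ks_naf_for(self, naf_id: str) -> bytes:
        return derive_ks_naf(self.ks, naf_id)


class BSF:
    def __init__(self, host: str):
        self.host = host
        self.sessions = {}  # B-TID -> (Ks, expiry time)

    def bootstrap(self, ue: UE, now: int) -> str:
        # After mutual authentication both sides hold Ks; here it is simply
        # generated and handed to the UE (assumption standing in for AKA).
        ks = os.urandom(32)
        btid = base64.b64encode(os.urandom(16)).decode() + "@" + self.host
        expiry = now + KS_LIFETIME
        self.sessions[btid] = (ks, expiry)
        ue.store(btid, ks, expiry)  # Ks exists only in the UE and the BSF
        return btid

    def ks_naf_for(self, btid: str, naf_id: str, now: int) -> bytes:
        # A NAF presents the B-TID it received from the UE; the BSF returns the
        # derived Ks_NAF, never Ks, and refuses once the lifetime has elapsed.
        ks, expiry = self.sessions[btid]
        if now >= expiry:
            raise KeyError("B-TID expired; the UE must bootstrap again")
        return derive_ks_naf(ks, naf_id)


def run_flow(now: int = 0) -> dict:
    bsf, ue = BSF("bsf.example"), UE()
    btid = bsf.bootstrap(ue, now)
    ue_key = ue.ks_naf_for("naf1.example")            # UE derives locally
    naf_key = bsf.ks_naf_for(btid, "naf1.example", now)  # NAF fetches from BSF
    other_naf_key = bsf.ks_naf_for(btid, "naf2.example", now)
    return {"keys_match": ue_key == naf_key,
            "per_naf_keys_differ": naf_key != other_naf_key,
            "btid": btid}
```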
The disadvantages of the GAA are: 1. only one authentication mechanism (i.e., the AKA authentication mechanism) is supported for the authentication between the subscriber and the BSF; 2. the authentication mechanism does not provide authentication between the BSF and the NAF, which may result in theft of the subscriber's secret information by attackers counterfeiting the NAF.
In 3GPP2, there is also a GAA, as shown in FIG. 2. FIG. 2 is a diagram illustrating the GAA in the existing 3GPP2. The GAA in 3GPP2 includes a Mobile Node (MN) 201, a Network Application Function (NAF) 202, a BSF 203 for performing initial check and verification of subscriber identities, an HSS 204, a Home Location Register/Authentication Centre (HLR/AC), and an Authentication Authorization Accounting (AAA) server.
If desiring to use the service provided by the NAF, the MN first has to perform the mutual authentication with the BSF. There are three types of mutual authentication mechanisms (including an AKA authentication mechanism, a CAVE-based authentication mechanism and an AAA-based authentication mechanism) which can be chosen freely according to the support condition of the MN and network and the operator's local policy.
However, the GAA in 3GPP2 only supports these three authentication mechanisms, which is not applicable to the mutual authentication between one service entity and various networks. Furthermore, the authentication mechanism does not provide authentication between the BSF and the NAF, which may result in theft of the subscriber's secret information by attackers counterfeiting the NAF.
To sum up, the existing GAAs are just applicable within the standard they belong to and are restricted by the networks and the service entities, and thus have some limitations.